Security and Audit of UNIX/Linux - MIS Training

International Leader in Audit TrainingSAVE UP TO 50%WITH IN HOUSETRAININGDetails inside18th - 20th November 2008, LondonSecurity andAudit ofUNIX/LinuxAll the Knowledge You Need to Get toGrips with UNIX and Linux SystemsCourse DirectorSteve RimellLearn how UNIX systems are configured and securedExplore the different versions of UNIX currently in useDiscover how to control UNIX’s greatest risk areasGain a greater understanding of how UNIX systems can operate securelyand reliably in a Windows environmentDeepen your knowledge of how to plan and conduct an audit of both theUNIX and Linux strategic operating systemsMIS past delegates include...ABN AMRO, Alliance & Leicester, Barclays, BT, Canon, Deutsche Bank, Goldman Sachs, HSBC,JP Morgan Chase, National Audit Office, Reuters, Vodafone, Sony, UBSWell structuredand very usefulfor my jobLegal & GeneralA fantastic guidedtour through theworld of securingUNIXJP Morgan ChaseEARN22 CPE CREDITSWeb mistieurope.comEmail mis@mistieurope.com

Security andAudit ofUNIX/LinuxAll the Knowledge You Need toGet to Grips with UNIX andLinux Systems18th - 20th November 2008, LondonSeminar Focus & FeaturesThe UNIX operating system has been around since the 1970sand has had a reputation for being both insecure and at thesame time difficult to use. This isn’t entirely true – a UNIXsystem is as secure as any other operating system if properlyconfigured. In this practical three-day workshop you’ll havehands-on administrator level access to UNIX systems, so youcan see for yourself how they are configured and secured. You’lllearn about the main versions of UNIX in current use – SunSolaris and IBM’s AIX. You’ll also learn about Linux – the opensource operating system that has produced so many headlinesin the IT press over the last few years.The course will provide you with a detailed walk-though of UNIXsecurity and administration tools, illustrating the main areas ofrisk and how they can be controlled by correct systemconfiguration and monitoring. You’ll learn how the varioussystem suppliers like Sun, IBM and the Linux vendors haveimplemented their own versions of file system security,user/group control and logging. UNIX usually has to co-existwith Windows systems in a corporate network, so you will learnhow this is achieved and how UNIX systems can be set up tooperate securely and reliably in a Windows environment. At theend of the course, you will have a thorough understanding ofUNIX and Linux and be able to plan and conduct an audit ofthese strategic operating systems. As well as a detailed coursemanual, we’ll provide you with an audit programme covering allthe main UNIX versions.Course Director Steve RimellSteve Rimell has an enviable reputation as the most respectedauthority in the UK with over 20 years practical experience ininformation systems audit. He provides training, security reviews,consulting services, and internal audit support for a wide range ofpublic and private sector clients in the UK, Europe and many othercountries. He has also had extensive experience as an audit managerrunning a commercial IS audit service. Steve specialises in the moretechnical aspects of information systems audit, having extensiveknowledge of the security and control of UNIX, Oracle, WindowsNT/2000, and networking environments such as TCP/IP. He haspresented hands-on training courses in this subject for SystemsSecurity’s Bristol training centre since 1996, where he proves to thestudents that apparently highly technical areas are not as hard toaudit as they appear. Steve is a member of CIPFA and the Institute ofInternal Auditors. He has delivered public and in-house trainingpresentations for System Security, MIS Training and many otherclients. He is regularly invited to speak at professional meetings andconferences in the UK and overseas, and is presently engaged in avariety of projects to develop audit automation software for networkand operating system security testing. Steve is also the owner andproprietor of Rimell Associates Ltd.

Who Should AttendInformation Security Managers and Analysts; Web, LAN and NetworkAdministrators; Information Technology Planners and Strategists;Application Developers; and IT Auditors.PrerequisiteSecurity and Audit of TCP/IP Networks, or equivalent knowledge ofTCP/IP and general network operating concepts and security. It is alsohelpful if you are familiar with either Windows or a Unix-basedoperating system.Day OneUNIX Versions• AIX• Solaris• Linux versionsOperating System Processes SystemStartup Files• The UNIX boot process• Run levels• Run level control filesThe UNIX File System• Disks and file systems• The UNIX file system standard• The main directories• File and directory permissions• Modes of operation• Access control listsDay TwoUNIX Logon Controls• Default login settings• ‘Per user’ login controls• User login filesUser and Group Management• Group definition files• Group membership and how it affects security UnixNetworking• UNIX and TCP/IP• Network configuration files• Remote commands – rsh, rcp, rlogin• The network service control filesUNIX Graphical Interfaces –The X Window SystemDay ThreeUNIX and Windows• Samba• Windows X ServersPractical Steps to the Auditof a UNIX System• Where to start• Listing users and groups• Using built-in UNIX administration commands• Shell scripting for auditors• Key files to inspect• Change management• System-specific tools for different UNIX versions• Commercial software• Free software toolsLearning levelAdvancedFeeGBP £1,895• Automated vulnerability checkersEARN22 CPE CREDITSIn-House TrainingSave Up To 50% When You Run Thiscourse In-houseIn-house tailored training will enableyou & your colleagues to makesignificant savings as we charge perday & not per participant so the costremains the same regardless of howmany people attend. We can offerany of our public courses or tailorthem to your requirements. Trainingis available in all areas of InternalAudit, IT Audit, and IT SecurityIf you have 6 or more colleagueswho would be interested in one ofour courses and you would like tomake significant savings, contact usnow;• What are your training objectives?• How many people require thetraining?• When would you like to run thetraining?• What level of experience do youand your colleagues have?• We will then email you a detailedproposal which addresses yourunique needs.You will have complete control of thetraining content and decide when it isrun. We guarantee that we will beable to cater for all your businessneeds.Email Guy Cooper atgcooper@mistieurope.comor call+44 (0) 20 7779 8975More Great Reasons to Choose ourIn-house Training:• Save money over public seminarfees• Save money on travel &accommodation• Save time on travel as theinstructor will travel to you.Furthermore, the training can beheld at the most convenient timefor you.• Tailor the course content; ensurethe relevance of the seminar foryour colleagues. You can tailor thestructure & methodology of yourseminar or customise the seminarto meet the expertise levels of theparticipants.• Bring the best in the business;Instructors are hands-on, expertpractitioners who are your subjectmatter consultants when they arenot training.• Gain CPE points & certificates forthe number of training hours.

Security and Audit of UNIX/LinuxAll the Knowledge You Need to Get to Grips with UNIX and Linux SystemsKey topic areasWhen registering for this event please quote reference WEB• Learn how UNIX systems are configured and secured• Explore the different versions of UNIX currently in use• Discover how to control UNIX’s greatest risk areas• Gain a greater understanding of how UNIX systems can operatesecurely and reliably in a Windows environment• Deepen your knowledge of how to plan and conduct an audit of boththe UNIX and Linux strategic operating systemsWhy should you attend?• MIS Training is the global leader in IT audit and info security training,having trained over 200,000 delegates• Course Instructors are the most reputable in the industry• We have an impressive client list including , Barclays, BT, Canon,Deutsche Bank, HSBC to name a few• Earn CPE points - which can be used to qualify/maintain a CISSP, CISAor CISM18th - 20th November 2008, LondonPLEASE SEND ME INFORMATION ABOUT RUNNING THIS COURSE IN-HOUSE Security and Audit of UNIX/Linux(please photocopy form for additional delegates) 18th - 20th November 2008, London (MT2505)GBP £1,895 £+ VAT @ 17.5% £Grand Total £Payment InformationYou can now pay online at www.mistieurope.com Cheque enclosed (payable to MIS Training)Registration Information*Discounts: Please call to enquireabout corporate discounts.Discounts can not be used inconjunction with each other. Please invoice my company PO#Please debit my credit card AMEX VISA MasterCardCard NumberCardholders namePlease include billing address if different from address givenExpiryVerification CodePlease note that in completing this booking you undertake to adhere to thecancellation and payment terms listed belowSignatureDateApproving ManagerPosition5 easy ways to registerTel: +44 (0)20 7779 8944Fax completed form to: +44 (0)20 7779 8293Email: mis@mistieurope.com Web: www.mistieurope.comPost completed form to: Carlos Doughty, MIS Training, Nestor House,Playhouse Yard, London EC4V 5EX UKCustomer InformationTitle First name SurnameTitle/PositionOrganisationE-Mail Address (Required)AddressCountryPostcodeTelephoneFaxVAT Number (If you have one)The information you provide will be safeguarded by the Euromoney Institutional Investor PLCgroup whose subsidiaries may use it to keep you informed of relevant products and services.We occasionally allow reputable companies outside the Euromoney Institutional Investor PLCgroup to contact you with details of products that may be of interest to you. As an internationalgroup we may transfer your data on a global basis for the purposes indicated above. If youobject to contact by telephone fax or email please tick the relevant box. If you do notwant us to share your information with other reputable companies please tick this box Please send me information on In House Training Auditing Business Applications, 8th - 10th September 2008, London Securing and Auditing Windows 2003, 9th - 12th September 2008, London Preparing for the CISA Examination, 3rd - 7th November 2008 London(fees must be paid in advance of the event)Accommodation: The course will be held in a Radisson Edwardian hotel in Central London (zone 1). To get the best available rate at Radisson Edwardian hotels in Londonplease visit www.radissonedwardian.com/mis or, alternatively contact the hotel direct and quote the MIS event title and dates when making your booking.Cancellation Policy: Should a delegate be unable to attend, a substitute may attend in his or her place. Cancellations received within 21 working days of the event are liablefor the full seminar fee. If full payment has been received you are eligible for a 75% reduction on the next run of the seminar. This discount will be valid for one year only. MISreserves the right to change or cancel programmes due to unforeseen circumstances.VAT: All delegates attending are liable to pay VAT. After the event organisations registered for VAT in the UK may reclaim the tax.Delegates from outside the UK but within the European Community may also be able to reclaim the VAT. Organisations outsidethe UK should check with their excise authority as to which domestic fiscal regulations apply. High Yield/No-RiskEARN22 CPE CREDITSWeb mistieurope.comEmail mis@mistieurope.com